Analysis

  • max time kernel: 122s
  • max time network: 119s
  • platform: windows7_x64
  • resource: win7-en-20210920
  • submitted: 14-10-2021 05:03

General

  • Target: Fra FAC-ES101-2107-03806.doc.exe
  • Size: 100KB
  • MD5: 18b804e21a3c1c80c195e7d20dc38477
  • SHA1: 9622e70cd6db56de3488e99cd18c5f51e54afb64
  • SHA256: cbc14388711803d5a3f90396d4d33c9b3da952c37a5d919daed329cbd487c1b4
  • SHA512: 21eade10fb00f4ef5356025ce037983b2e220835345b4bd141f1063367da309390caa83d9d822177bf5c3ef900c311a12afff2f9731787f0afb4c6f35576ffec

Score
10/10

Signatures

  • Guloader, Cloudeye

    A shellcode-based downloader first seen in 2020.

  • Suspicious use of SetWindowsHookEx (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\Fra FAC-ES101-2107-03806.doc.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\Fra FAC-ES101-2107-03806.doc.exe"
    PID: 2012
    • Suspicious use of SetWindowsHookEx

Downloads

  • memory/2012-54-0x0000000000220000-0x0000000000226000-memory.dmp (Filesize: 24KB)
  • memory/2012-55-0x0000000000220000-0x000000000022A000-memory.dmp (Filesize: 40KB)
  • memory/2012-56-0x0000000000300000-0x0000000000311000-memory.dmp (Filesize: 68KB)